CVE-2015-0769

Published Jun 12, 2015

Last updated 3 months ago

CVSS info 7.8

Overview

Description: Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B40261BE-3C8C-4519-9D30-033982B28D2D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "449FC52E-F5D6-4667-8F76-67512757BBDB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D907DF57-CEFD-4399-B3E6-22CEDF0E6930"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42AB82F9-8E65-42CA-BE07-6B67B523B356"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEF92AF9-CB4A-4521-BC1A-19B432E3E5D3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4189F0A-D0AC-4F8A-BCD0-447BD2C07B79"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85EA55F4-6DF6-48D8-8DBC-0037423C3704"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A9EC099-ABC3-4431-8E0B-C938242EDCD6"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.1_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9316BD4-A74F-450F-A931-DFAAA4CECC59"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr_software:4.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43C2104E-37A8-48F3-B445-F23C5E295E49"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References